AI Agent Skill HUB

x402-wach

DeFi risk analysis toolkit powered by WACH.AI via x402 payments using AWAL wallet custody. Use when the user asks to check if a token is safe, assess DeFi risk, detect honeypots, analyze liquidity, holder distribution, or smart contract vulnerabilities for tokens on Ethereum, Polygon, Base, BSC, or Solana. Costs 0.01 USDC per query on Base.

3,891 stars
byopenclaw
View on GitHubInstallation ↓

Best use case

x402-wach is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

DeFi risk analysis toolkit powered by WACH.AI via x402 payments using AWAL wallet custody. Use when the user asks to check if a token is safe, assess DeFi risk, detect honeypots, analyze liquidity, holder distribution, or smart contract vulnerabilities for tokens on Ethereum, Polygon, Base, BSC, or Solana. Costs 0.01 USDC per query on Base.

Teams using x402-wach should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/wachai-x402/SKILL.md --create-dirs "https://raw.githubusercontent.com/openclaw/skills/main/skills/akshat-mishra101/wachai-x402/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/wachai-x402/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How x402-wach Compares

Feature / Agentx402-wachStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

DeFi risk analysis toolkit powered by WACH.AI via x402 payments using AWAL wallet custody. Use when the user asks to check if a token is safe, assess DeFi risk, detect honeypots, analyze liquidity, holder distribution, or smart contract vulnerabilities for tokens on Ethereum, Polygon, Base, BSC, or Solana. Costs 0.01 USDC per query on Base.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

Best AI Skills for ChatGPT

Find the best AI skills to adapt into ChatGPT workflows for research, writing, summarization, planning, and repeatable assistant tasks.

AI Agent for Product Research

Browse AI agent skills for product research, competitive analysis, customer discovery, and structured product decision support.

AI Agent for SaaS Idea Validation

Use AI agent skills for SaaS idea validation, market research, customer discovery, competitor analysis, and documenting startup hypotheses.

SKILL.md Source

# x402-wach — DeFi Risk Analysis

A DeFi risk analysis toolkit powered by WACH.AI, using x402 with AWAL-managed key custody.

## OpenClaw Hard Rules (Non-Negotiable)

When this skill is active, OpenClaw must follow all rules below:

1. **Never request or expose secrets**
   - Never ask for private keys, seed phrases, mnemonics, wallet export files, or raw signing material.
   - Never suggest using `wallet.json` or any local key file flow.

2. **AWAL-only custody path**
   - Always use AWAL-backed commands for setup and payments.
   - Treat legacy local-wallet instructions as invalid for this skill version.

3. **Run readiness checks before paid calls**
   - Before `verify-risk`, ensure AWAL is ready via `wallet setup` or `wallet doctor`.
   - If not ready, stop and guide user to login/fund flow.

4. **Respect payment guardrails**
   - Default max payment cap is `10000` atomic USDC (`$0.01`) per request.
   - Do not raise cap unless the user explicitly asks.

5. **Do not hide payment failure details**
   - If payment fails, surface clear reason and next action (auth, balance, network, command mismatch).
   - Do not claim success unless report payload is actually present.

6. **No blind retries that may duplicate spend**
   - For network/transient errors, retry once at most.
   - Keep the same request context and tell the user a retry was attempted.

7. **Always present source link in final report**
   - Prefer TokenSense URL pattern:
     - `https://tokensense.wach.ai/<chain>/<tokenAddress>`
   - Use API source only as fallback.

## When to Use This Skill

Use this skill when user asks to:

- assess DeFi risk for a token
- detect scam/honeypot patterns
- inspect holder concentration/liquidity quality
- review contract risk signals
- get risk/market/code score breakdown
- evaluate tokens across `eth`, `pol`, `base`, `bsc`, or `sol`

## Supported Chains

| Short Name | Chain               | Token Standard |
| ---------- | ------------------- | -------------- |
| `eth`      | Ethereum            | ERC-20         |
| `pol`      | Polygon             | ERC-20         |
| `base`     | Base                | ERC-20         |
| `bsc`      | Binance Smart Chain | BEP-20         |
| `sol`      | Solana              | SPL            |

Payment is always in USDC on Base, regardless of analysis chain.

## Command Playbook for OpenClaw

### 1) Readiness / Setup

Run:

```bash
x402-wach wallet setup
```

If setup says not ready, run:

```bash
x402-wach wallet doctor
x402-wach wallet login <EMAIL>
x402-wach wallet verify <FLOW_ID> <OTP>
x402-wach wallet balance
```

Interpretation:

- `✓ Ready to make x402 payments with AWAL` -> proceed to analysis.
- `AWAL wallet is not authenticated` -> run login + verify flow.
- `Insufficient USDC on Base` -> ask user to fund AWAL address.
- `Could not read AWAL balance/status` -> run doctor and show raw failure.

### 2) Risk Analysis

Run:

```bash
x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME>
```

Preferred cap-safe form:

```bash
x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME> --max-amount-atomic 10000
```

### 3) Optional Helpers

```bash
x402-wach wallet status
x402-wach wallet address
x402-wach chains
x402-wach guide
```

## Tool Result Interpretation Rules

### Readiness/Doctor Output

- **Contains `✓ Ready`** -> safe to proceed with paid analysis.
- **Contains `not authenticated`** -> require OTP login/verify.
- **Contains `Insufficient USDC`** -> request wallet funding on Base.
- **Contains command-help text from AWAL** -> command mismatch/version issue; run `x402-wach wallet doctor` and use supported subcommands shown.
- **Contains JSON parse errors** -> treat as AWAL output format mismatch; surface raw error and do not continue paid flow.

### verify-risk Output

- **`Token analysis complete!` + populated sections** -> success.
- **Header only with empty body** -> payload unwrap issue; report as tool parsing bug.
- **`No token found` / empty report** -> valid call, no token at address/chain.
- **402/payment error** -> wallet balance/cap/auth issue; user action required.

## Safety-Focused User Guidance

When blocked, provide this exact short path:

```bash
x402-wach wallet doctor
x402-wach wallet login <email>
x402-wach wallet verify <flowId> <otp>
x402-wach wallet balance
```

Then retry:

```bash
x402-wach verify-risk <TOKEN_ADDRESS> <CHAIN_SHORT_NAME> --max-amount-atomic 10000
```

## Programmatic Usage Pattern (Agent-Friendly)

```typescript
import {
  getAwalReadiness,
  validateTokenAddress,
  verifyTokenRisk,
} from "@quillai-network/x402-wach";

const token = "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48";
const chain = "eth";

const validation = validateTokenAddress(token, chain);
if (!validation.valid) throw new Error(validation.error);

const readiness = await getAwalReadiness(10_000);
if (!readiness.ready) throw new Error(readiness.reasons.join("; "));

const report = await verifyTokenRisk(token, chain, { maxAmountAtomic: 10_000 });
console.log(report);
```

## Expected Report Sections

On successful analysis, formatted output can include:

- Market Data
- Risk Scores
- Honeypot Analysis
- Holders
- Liquidity
- Code Analysis
- Social & Community
- Source (TokenSense link) + report timestamp

## Absolute Prohibitions for OpenClaw

- Do not use or suggest `wallet create`, `wallet import`, or `wallet.json`.
- Do not ask user for private key or seed phrase.
- Do not increase spend cap silently.
- Do not claim analysis success when output parsing failed.
- Do not suppress AWAL raw errors when diagnosis is needed.

Related Skills

x402

3891
from openclaw/skills

Search for new services and make paid API requests using the x402 payment protocol. Use when you don't have a clear tool to choose, search the bazaar. You can also use this tool if you or the user want to call an x402 endpoint, discover payment requirements, browse the bazaar, or search for paid services.

General Utilities

Analytix402

3891
from openclaw/skills

Monitor, control, and optimize your AI agent's API spend and LLM costs in real-time.

wachai

3891
from openclaw/skills

Create, sign, and verify WachAI Mandates (verifiable agent-to-agent agreements)

x402engine

3891
from openclaw/skills

Pay-per-call API gateway skill — calls 63 APIs (LLMs, image/video gen, flights, hotels, crypto, web search) via x402 micropayments. Each call costs $0.001-$0.60 in USDC/USDm, enforced by a local policy engine with spend caps.

simmer-x402

3891
from openclaw/skills

Make x402 payments to access paid APIs and gated content. Use when a skill needs to fetch data from x402-gated endpoints (like Kaito mindshare API, Simmer premium endpoints, or any x402 provider). Handles 402 Payment Required responses automatically using USDC on Base.

asrai-x402

3891
from openclaw/skills

Crypto market analysis using Asrai API. Covers technical analysis, screeners, sentiment, forecasting, smart money, Elliott Wave, cashflow, DEX data, and AI-powered insights. Each API call costs $0.005 USDC from your own wallet on Base mainnet via x402.

clawhub-x402-payments

3880
from openclaw/skills

Implements USDC x402 payments via PayAI (EIP-3009) and DHM x402 payments via EVVM native (signed pay). Use when adding x402 payment flows, PayAI Echo integration, EVVM pay() for DHM, agent-to-agent payments with Privy, or when the user asks how to do USDC/DHM x402 in the ClawHub/NHS EVVM app.

---

3891
from openclaw/skills

name: article-factory-wechat

Content & Documentation

humanizer

3891
from openclaw/skills

Remove signs of AI-generated writing from text. Use when editing or reviewing text to make it sound more natural and human-written. Based on Wikipedia's comprehensive "Signs of AI writing" guide. Detects and fixes patterns including: inflated symbolism, promotional language, superficial -ing analyses, vague attributions, em dash overuse, rule of three, AI vocabulary words, negative parallelisms, and excessive conjunctive phrases.

Content & Documentation

find-skills

3891
from openclaw/skills

Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.

General Utilities

tavily-search

3891
from openclaw/skills

Use Tavily API for real-time web search and content extraction. Use when: user needs real-time web search results, research, or current information from the web. Requires Tavily API key.

Data & Research

baidu-search

3891
from openclaw/skills

Search the web using Baidu AI Search Engine (BDSE). Use for live information, documentation, or research topics.

Data & Research